Note:

The code included in this article has not been reviewed and should not be used without proper analysis. If you have reviewed the included code (or portions of it), please post your findings back to this page or to: stephen [at] corsaire.com.

Overview

Java Cryptographic Extensions (JCE) is a set of Java API's which provides cryptographic services such as encryption, secret Key Generation, Message Authentication code and Key Agreement. The ciphers supported by JCE include symmetric, asymmetric, block and stream ciphers. JCE was an optional package to JDK v 1.2.x and 1.3.x. JCE has been integrated into JDK v1.4.

JCE API's are implemented by Cryptographic Service Providers. Each of these cryptographic service providers implements the Service Provider Interface which specifies the functionalities which needs to be implemented by the service providers. Programmers can plugin any Service Providers for performing cryptographic functionalities provided by JCE. J2SE comes with a default provider named SunJCE.

Symmetric Encryption Algorithms provided by SunJCE

DES - default keylength of 56 bits

AES -

RC2, RC4 and RC5

IDEA

Triple DES – default keylength 112 bits

Blowfish – default keylength 56 bits

PBEWithMD5AndDES

PBEWithHmacSHA1AndDESede

DES ede

Modes of Encryption

ECB

CBC

CFB

OFB

PCBC

Asymmetric Encryption Algorithms implemented by SunJCE

RSA

Diffie-Hellman – default keylength 1024 bits

Hashing / Message Digest Algorithms implemented by SunJCE

MD5 – default size 64 bytes

SHA1 - default size 64 bytes

Examples

SecureRandom

SecureRandom class is used to generate a cryptographically strong pseudo random number by using a PRNG Algorithm.
The following are the advantages of using SecureRandom over Random.
1. SecureRandom produces a cryptographically strong pseudo random number generator.
2. SecureRandom produces cryptographically strong sequences as described in
RFC 1750: Randomness Recommendations for Security